1. Statement of the Technical Field
The inventive arrangements relate to personal electronic devices, and more particularly to personal digital assistant devices for storing, processing and communicating classified as well as unclassified data.
2. Description of the Related Art
Mobile computers, which are sometimes called personal digital assistants or PDAs, have the ability to store, process and communicate data. PDAs generally fall into one of several categories which can include handheld PCs, palm size PCs, smart phones, and handheld instruments. PDAs typically include some kind of microprocessor with a commercially available operating system such as Linux, Palm OS, or Windows CE (Pocket PC). Many PDAs also have built in LCD displays, touch sensitive screens, and keypads for the human/machine interface. Some PDAs also include wireless networking capabilities. For example, many such devices can communicate with other devices using well known wireless networking standards such as the IEEE 802.11 family of standards. The foregoing capabilities make these compact devices highly useful for a various business and personal applications.
Currently, there exist a wide variety of PDA devices with conventional operating systems and architectures. These commercially available PDAs with commercial-off-the-shelf (COTS) operating systems and COTS application programs generally satisfy the processing and communications requirements of most users. For example, they include applications for word processing, data storage, spreadsheets, email, internet browsing, time management, contact management, network communications, and voice communications. These applications generally function quite well and have interfaces that are familiar to many users. The familiarity of these applications to users, and the relatively low cost of COTS software are considered advantageous for a variety of reasons.
Some commercially available PDA devices and/or software applications incorporate various security measures in an effort to protect data which is stored, processed or communicated using the device. For example, encryption technology and password protection features are known in the art. Still, this level of security can be inadequate for managing information that is of a Confidential, Secret, or Top Secret nature, particularly when such information relates to matters of national security. For example, COTS operating systems and applications may not be sufficiently trustworthy for handling this type of information. Such programs can be susceptible to being compromised by various means including hacker attacks, viruses, worms, Trojan horses, and a wide variety of other means that are known to those skilled in the art.
Finally, notwithstanding the security limitations of COTS operating systems and applications, the basic architecture and interface systems of many commercial PDA devices may leave these devices vulnerable to intrusion. For example, COTS devices do not employ trusted microprocessors, do not employ physical separation of classified and unclassified data processing, nor do they employ physical tamper detection and subsequent memory zeroization. They may also lack the capability of wireless communications for classified data. Consequently, transport, processing or communication of classified data using a commercial PDA is not generally permitted.
In order to address some of the foregoing problems, personal electronic devices have been developed that are specifically designed to allow for transport of classified data, for example encryption keys. However, these devices are not generally designed to accommodate data processing or wireless communications of classified information. Secure PDA devices are also known in the art. These devices utilize a trusted operating system, trusted microprocessors, and a trusted human/machine interface. However, they generally do not include wireless communications capabilities.
Trusted operating systems, trusted applications, trusted microprocessors, and trusted human/machine interfaces are generally designed to more rigorously address the problem of computer security. For example, trusted operating systems undergo evaluation of their overall design, verification of the integrity and reliability of their source code, and systematic, independent penetration evaluation. In contrast, non-trusted operating systems are generally not designed to an equally high level with regard to security precautions.